We pride ourselves on an open, and honest culture in the workplace which builds morale conducive to inspiring growth on our team, while balancing lifestyle by supporting personal and family goals with flexibility. We offer secure network systems and software engineering solutions in both the public and private sectors. With certified experts consulting the team, we are able to address the customer's mission and follow-through in the systems development life cycle.
Clearance Required: TS/SCI
Title: Information Systems Security Officer w/ DevSecOps exp
Location: Ft. Washington, MD
About the Role:
We are currently seeking a highly skilled and experienced Senior Information Systems Security Officer (ISSO) to join our team. The ideal candidate will have a deep understanding of implementing various security measures to protect an organization's computer systems and networks. This role requires a strong foundation in Linux engineering and containerization technologies, as well as proficiency in applying DISA Security Technical Implementation Guides (STIGs) and operating within applications and data. The successful candidate will have a proven track record of successfully designing and implementing security solutions in cloud environments and will be able to work collaboratively with other IT professionals to ensure the security of the organization's systems and data.
Responsibilities:
• Design, deploy, and manage security solutions (Scanning, IDS/IPS, NIDS/NIPS, SIEM) in a hybrid environment.
• Research and recommend technical solutions to various controls by understanding NIST 800-53 Risk Management Framework (RMF) and CNSSI 1253 & assist in developing policies, procedures and guidelines.
• Lead the effort in closing out Plan of Action & Milestones (POA&M) items that are associated with technology-related control items and findings.
• Responsible for implementing security solutions within container orchestration technologies such as Docker and Kubernetes.
• Conducting risk assessments and vulnerability assessments via implementing CI jobs to scan for various security defects such as SAST, DAST & container scanning.
• Apply DISA STIGs to ensure compliance with security standards and policies.
• Collaborating with other IT professionals to ensure that security is integrated into all aspects of the organization's IT infrastructure.
• Stay abreast of latest security threats, tools and techniques and recommend defense in depth strategies to mitigate risk to the organization.
• Provide mentorship and guidance to the team on cybersecurity best practices and basic cyber hygiene.
Qualifications:
• Bachelors Degree or equivalent experience and minimum 8 years prior relevant experience, or An Advanced Degree in a related field and minimum 5 years experience.
• Preferred candidate has a background in incident response and/or DevSecOps.
Solid understanding of Linux/Unix Administration. • Experience with containerization and orchestration technologies, particularly Docker and Kubernetes.
Benefits:
We offer a competitive benefits and compensation package and FUN place to work! Benefits include, but not limited to:
Health and Wellness Benefits
Medical Insurance (three CareFirst healthcare plans to choose from, Dental and Vision Insurance, 75% covered for employee/ 50% per dependant
Health Savings Account (HSA) contributions $1500 individual/ $3000 family
Personal Insurance Benefits
Company-paid Life Insurance and AD&D coverage
Company-paid Short-term and Long-term Disability Insurance
Paid Leave
Employees receive 20 days of vacation/10 holidays built into hourly rate/ 5 days of sick time (currently used for snow, jury, bereavement)
Retirement
Pre-tax 401k program including 6% company match
100% fully vested from eligibility date
*Eligible after 90 days of employment
Company provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, pregnancy, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.
This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training.